/// <summary>
/// Initializes a new instance of the <see cref="UserPermission"/> class.
/// </summary>
/// <param name="serverID">The ID of the server that the permission is associated with.</param>
/// <param name="userID">The ID of the user that the permission applies to.</param>
/// <param name="permission">The unique identifier of the permission.</param>
/// <param name="target">The allowed targets for the permission.</param>
public UserPermission(Snowflake serverID, Snowflake userID, Guid permission, PermissionTarget target)
{
this.UserID = userID;
this.Permission = permission;
this.Target = target;
this.ServerID = serverID;
}
/// <summary>
/// Initializes a new instance of the <see cref="UserPermission"/> class.
/// </summary>
/// <param name="serverID">The ID of the server that the permission is associated with.</param>
/// <param name="userID">The ID of the user that the permission applies to.</param>
/// <param name="permission">The unique identifier of the permission.</param>
/// <param name="target">The allowed targets for the permission.</param>
public UserPermission(long serverID, long userID, Guid permission, PermissionTarget target)
{
this.UserID = userID;
this.Permission = permission;
this.Target = target;
this.ServerID = serverID;
}
internal static ChannelCreateAuditLogData Create(BaseDiscordClient discord, Model log, EntryModel entry)
{
var changes = entry.Changes;
var overwrites = new List <Overwrite>();
var overwritesModel = changes.FirstOrDefault(x => x.ChangedProperty == "permission_overwrites");
var typeModel = changes.FirstOrDefault(x => x.ChangedProperty == "type");
var nameModel = changes.FirstOrDefault(x => x.ChangedProperty == "name");
var type = typeModel.NewValue.ToObject <ChannelType>();
var name = nameModel.NewValue.ToObject <string>();
foreach (var overwrite in overwritesModel.NewValue)
{
var deny = overwrite.Value <ulong>("deny");
var _type = overwrite.Value <string>("type");
var id = overwrite.Value <ulong>("id");
var allow = overwrite.Value <ulong>("allow");
PermissionTarget permType = _type == "member" ? PermissionTarget.User : PermissionTarget.Role;
overwrites.Add(new Overwrite(id, permType, new OverwritePermissions(allow, deny)));
}
return(new ChannelCreateAuditLogData(entry.TargetId.Value, name, type, overwrites.ToReadOnlyCollection()));
}
private OverwriteUpdateAuditLogData(OverwritePermissions before, OverwritePermissions after, ulong targetId, PermissionTarget targetType)
{
OldPermissions = before;
NewPermissions = after;
OverwriteTargetId = targetId;
OverwriteType = targetType;
}
/// <inheritdoc/>
public bool IsGrantedByDefaultTo(PermissionTarget target)
{
switch (target)
{
case PermissionTarget.Self:
{
return(this.IsGrantedByDefaultToSelf);
}
case PermissionTarget.Other:
{
return(this.IsGrantedByDefaultToOthers);
}
case PermissionTarget.All:
{
return(this.IsGrantedByDefaultToSelf && this.IsGrantedByDefaultToOthers);
}
default:
{
throw new ArgumentOutOfRangeException(nameof(target), target, null);
}
}
}
public static PermissionTargetDto Map(PermissionTarget permissionTarget)
{
return new PermissionTargetDto
{
DisplayOrder = permissionTarget.DisplayOrder,
Name = permissionTarget.Name
};
}
/// <inheritdoc/>
public bool IsGrantedByDefaultTo(PermissionTarget target)
{
return(target switch
{
PermissionTarget.Self => this.IsGrantedByDefaultToSelf,
PermissionTarget.Other => this.IsGrantedByDefaultToOthers,
PermissionTarget.All => this.IsGrantedByDefaultToSelf && this.IsGrantedByDefaultToOthers,
_ => throw new ArgumentOutOfRangeException(nameof(target), target, null)
});
async Task manageThing(string strId, ulong thingId, PermissionTarget thingType, bool?value)
{
await Interaction.AcknowledgeAsync(flags : InteractionResponseFlags.Ephemeral);
try
{
RestApplicationCommand command = await getCommand(strId);
if (command == null)
{
await Interaction.FollowupAsync(":x: Command does not exist");
return;
}
GuildApplicationCommandPermissions existingPerms = null;
if (command is RestGlobalCommand g)
{
existingPerms = await g.GetCommandPermissions(Interaction.Guild.Id);
}
else if (command is RestGuildCommand u)
{
existingPerms = await u.GetCommandPermissions();
}
var permBuilder = SlashCommandPermsBuilder.From(existingPerms);
var existingValue = permBuilder.Get(thingId);
if (value.HasValue)
{
if (existingValue != value.Value)
{
permBuilder.With(thingId, thingType, value.Value);
await command.ModifyCommandPermissionsAsync(Interaction.Guild.Id, permBuilder.Build().ToArray());
}
await Interaction.FollowupAsync("Done!");
}
else
{
if (!existingValue.HasValue)
{
await Interaction.FollowupAsync($"{thingType} has no explicit permission set.");
}
else
{
await Interaction.FollowupAsync($"{thingType} permission for command: " + emote(existingValue.Value));
}
}
}
catch (Exception ex)
{
Program.LogMsg(ex, "a");
}
}
private void CreateOrUpdatePublicPermissions(string repo, string path)
{
string prefix = FindPrefixFromOrigin();
// create permissions based on the repo and path
string permissionTargetKey = string.Format("shr-{0}-{1}-{2}.pub", prefix, repo.Replace(".", "").Replace(" ", ""), path.GetHashCode());
string permissionTargetlRepoDescription = string.Format("Public sharing permissions on {0} in {1} for repo {2}", repo, Origin, repo);
string permissionsTargetIncludePattern = string.Format("{0}/**", path);
PermissionTarget permissionTarget = storeBaseUrl.Security().GetPermissionTargetDetails(permissionTargetKey);
// some persmissions already exist for that repo
if (permissionTarget != null)
{
if (permissionTarget.Repositories.Count() > 1 || !permissionTarget.Repositories.Contains(repo))
{
log.ErrorFormat("Permission target already exists on artifactory but not for the right repo : {0} [{1}]. Please contact the administrator.", permissionTargetKey, repo);
throw new ShareException(string.Format("Permission target already exists on artifactory but not for the right repo : {0} [{1}]. Please contact the administrator.", permissionTargetKey, repo));
}
// if the permission does not exist
if (!permissionTarget.IncludesPattern.Split(',').Any(ip => ip.Trim(' ') == permissionsTargetIncludePattern))
{
log.DebugFormat("Updating already existing permission target on artifactory : {0}", permissionTargetKey);
permissionTarget.IncludesPattern += "," + permissionsTargetIncludePattern;
}
}
else
{
permissionTarget = new PermissionTarget()
{
Name = permissionTargetKey,
Repositories = new System.Collections.Generic.List <string>()
{
repo
},
IncludesPattern = permissionsTargetIncludePattern
};
}
Permissions permissions = new Permissions();
permissions.Add("r");
permissionTarget.Principals.Groups.Clear();
permissionTarget.Principals.Groups.Add("readers", permissions);
permissionTarget.Principals.Users.Clear();
permissionTarget.Principals.Users.Add("anonymous", permissions);
storeBaseUrl.Security().CreateOrReplacePermissionTarget(permissionTarget);
}
internal static OverwriteCreateAuditLogData Create(BaseDiscordClient discord, Model log, EntryModel entry)
{
API.AuditLogChangeJson[] changes = entry.Changes;
API.AuditLogChangeJson denyModel = changes.FirstOrDefault(x => x.ChangedProperty == "deny");
API.AuditLogChangeJson allowModel = changes.FirstOrDefault(x => x.ChangedProperty == "allow");
ulong deny = denyModel.NewValue.ToObject <ulong>(discord.ApiClient.Serializer);
ulong allow = allowModel.NewValue.ToObject <ulong>(discord.ApiClient.Serializer);
OverwritePermissions permissions = new OverwritePermissions(allow, deny);
ulong id = entry.Options.OverwriteTargetId.Value;
PermissionTarget type = entry.Options.OverwriteType;
return(new OverwriteCreateAuditLogData(entry.TargetId.Value, new Overwrite(id, type, permissions)));
}
internal static OverwriteDeleteAuditLogData Create(BaseDiscordClient discord, Model log, EntryModel entry)
{
var changes = entry.Changes;
var denyModel = changes.FirstOrDefault(x => x.ChangedProperty == "deny");
var typeModel = changes.FirstOrDefault(x => x.ChangedProperty == "type");
var idModel = changes.FirstOrDefault(x => x.ChangedProperty == "id");
var allowModel = changes.FirstOrDefault(x => x.ChangedProperty == "allow");
var deny = denyModel.OldValue.ToObject <ulong>();
var type = typeModel.OldValue.ToObject <string>();
var id = idModel.OldValue.ToObject <ulong>();
var allow = allowModel.OldValue.ToObject <ulong>();
PermissionTarget target = type == "member" ? PermissionTarget.User : PermissionTarget.Role;
return(new OverwriteDeleteAuditLogData(new Overwrite(id, target, new OverwritePermissions(allow, deny))));
}
internal static OverwriteUpdateAuditLogData Create(BaseDiscordClient discord, Model log, EntryModel entry)
{
API.AuditLogChangeJson[] changes = entry.Changes;
API.AuditLogChangeJson denyModel = changes.FirstOrDefault(x => x.ChangedProperty == "deny");
API.AuditLogChangeJson allowModel = changes.FirstOrDefault(x => x.ChangedProperty == "allow");
ulong?beforeAllow = allowModel?.OldValue?.ToObject <ulong>(discord.ApiClient.Serializer);
ulong?afterAllow = allowModel?.NewValue?.ToObject <ulong>(discord.ApiClient.Serializer);
ulong?beforeDeny = denyModel?.OldValue?.ToObject <ulong>(discord.ApiClient.Serializer);
ulong?afterDeny = denyModel?.NewValue?.ToObject <ulong>(discord.ApiClient.Serializer);
OverwritePermissions beforePermissions = new OverwritePermissions(beforeAllow ?? 0, beforeDeny ?? 0);
OverwritePermissions afterPermissions = new OverwritePermissions(afterAllow ?? 0, afterDeny ?? 0);
PermissionTarget type = entry.Options.OverwriteType;
return(new OverwriteUpdateAuditLogData(entry.TargetId.Value, beforePermissions, afterPermissions, entry.Options.OverwriteTargetId.Value, type));
}
internal static OverwriteCreateAuditLogData Create(BaseDiscordClient discord, Model log, EntryModel entry)
{
var changes = entry.Changes;
var denyModel = changes.FirstOrDefault(x => x.ChangedProperty == "deny");
var allowModel = changes.FirstOrDefault(x => x.ChangedProperty == "allow");
var deny = denyModel.NewValue.ToObject <ulong>();
var allow = allowModel.NewValue.ToObject <ulong>();
var permissions = new OverwritePermissions(allow, deny);
var id = entry.Options.OverwriteTargetId.Value;
var type = entry.Options.OverwriteType;
PermissionTarget target = type == "member" ? PermissionTarget.User : PermissionTarget.Role;
return(new OverwriteCreateAuditLogData(new Overwrite(id, target, permissions)));
}
internal static OverwriteUpdateAuditLogData Create(BaseDiscordClient discord, Model log, EntryModel entry)
{
var changes = entry.Changes;
var denyModel = changes.FirstOrDefault(x => x.ChangedProperty == "deny");
var allowModel = changes.FirstOrDefault(x => x.ChangedProperty == "allow");
var beforeAllow = allowModel?.OldValue?.ToObject <ulong>();
var afterAllow = allowModel?.NewValue?.ToObject <ulong>();
var beforeDeny = denyModel?.OldValue?.ToObject <ulong>();
var afterDeny = denyModel?.OldValue?.ToObject <ulong>();
var beforePermissions = new OverwritePermissions(beforeAllow ?? 0, beforeDeny ?? 0);
var afterPermissions = new OverwritePermissions(afterAllow ?? 0, afterDeny ?? 0);
PermissionTarget target = entry.Options.OverwriteType == "member" ? PermissionTarget.User : PermissionTarget.Role;
return(new OverwriteUpdateAuditLogData(beforePermissions, afterPermissions, entry.Options.OverwriteTargetId.Value, target));
}
public PermissionStatus IsFiltered(ulong id, PermissionTarget target)
{
for (int i = 0; i < Permissions.Count; i++)
{
Permission permission = Permissions[i];
if (permission.Target == target)
{
PermissionStatus targetStatus = permission.IsFiltered(id);
if (targetStatus != PermissionStatus.NotFound)
{
return(targetStatus);
}
}
}
return(PermissionStatus.NotFound);
}
/***************************************************************************************************************************************/
#region Permissions
/// <summary>
/// Creates the permission for group on repo.
/// </summary>
/// <param name="group">Group.</param>
/// <param name="repo">Repo.</param>
public void CreatePermissionForGroupOnRepo(string group, string repo)
{
PermissionTarget permissionTarget = new PermissionTarget {
Name = group,
Repositories = new List <string> {
repo
}
};
Permissions permissions = new Permissions();
permissions.Add(PERMISSION_DELETE);
permissions.Add(PERMISSION_READ);
permissions.Add(PERMISSION_DEPLOY);
permissions.Add(PERMISSION_ANNOTATE);
permissionTarget.Principals.Groups.Clear();
permissionTarget.Principals.Groups.Add(group, permissions);
ArtifactoryBaseUrl.Security().CreateOrReplacePermissionTarget(permissionTarget);
}
/// <summary>
/// Initializes a new instance of the <see cref="RequireEntityOwnerOrPermissionAttribute"/> class.
/// </summary>
/// <param name="permission">The permission to require.</param>
/// <param name="target">The target to require.</param>
public RequireEntityOwnerOrPermissionAttribute(Permission permission, PermissionTarget target)
{
this.Permission = permission;
this.Target = target;
}
/// <summary>
/// Initializes a new instance of the <see cref="RequirePermissionAttribute"/> class.
/// </summary>
/// <param name="type">The required permission.</param>
/// <param name="target">The required target scope.</param>
public RequirePermissionAttribute(Type type, PermissionTarget target)
{
this.Type = type;
this.Target = target;
}
public ModifyChannelPermissionsParams(PermissionTarget type, ChannelPermissions allow, ChannelPermissions deny)
{
Type = type;
Allow = allow;
Deny = deny;
}
/// <summary>
/// Initializes a new instance of the <see cref="RolePermission"/> class.
/// </summary>
/// <param name="roleID">The ID of the role that the permission applies to.</param>
/// <param name="permission">The unique identifier of the permission.</param>
/// <param name="target">The allowed targets for the permission.</param>
public RolePermission(long roleID, Guid permission, PermissionTarget target)
{
this.RoleID = roleID;
this.Permission = permission;
this.Target = target;
}
public bool Equals(PermissionTarget type) => type != null && type.Value == Value;
public async Task <bool> CheckPermissionAsync(PrincipalIn principal, string uniqueRightCode, PermissionTarget target, CancellationToken cancellationToken = default)
{
var queryParameters = new NameValueCollection();
return(await _connection.RequestResourceAsync <PermissionsCheckPermissionPostRequest, bool>("POST", $"api/http/permissions/check-permission{queryParameters.ToQueryString()}",
new PermissionsCheckPermissionPostRequest
{
Principal = principal,
UniqueRightCode = uniqueRightCode,
Target = target,
}, cancellationToken));
}
/// <summary>
/// Initializes a new instance of the <see cref="RequireEntityOwnerOrPermissionAttribute"/> class.
/// </summary>
/// <param name="permissionType">The permission to require.</param>
/// <param name="target">The target to require.</param>
public RequireEntityOwnerOrPermissionAttribute(Type permissionType, PermissionTarget target)
{
_permissionType = permissionType;
_target = target;
}
/// <summary>
/// Initializes a new <see cref="Overwrite"/> with provided target information and modified permissions.
/// </summary>
public Overwrite(ulong targetId, PermissionTarget targetType, OverwritePermissions permissions)
{
TargetId = targetId;
TargetType = targetType;
Permissions = permissions;
}
private void CreateOrUpdateRestrictedPermissions(string repo, string path, bool addPermissions = false)
{
string prefix = FindPrefixFromOrigin();
// create permissions based on the repo and path
string permissionTargetKey = string.Format("shr-{0}-{1}-{2}.reader", prefix, repo.Replace(".", "").Replace(" ", ""), path.GetHashCode());
string permissionTargetlRepoDescription = string.Format("Sharing permissions on {0} in {1} for repo {2}", repo, Origin, repo);
string permissionsTargetIncludePattern = string.Format("{0}/**", path);
PermissionTarget permissionTarget = storeBaseUrl.Security().GetPermissionTargetDetails(permissionTargetKey);
// some persmissions already exist for that repo
if (permissionTarget != null)
{
if (permissionTarget.Repositories.Count() > 1 || !permissionTarget.Repositories.Contains(repo))
{
log.ErrorFormat("Permission target already exists on artifactory but not for the right repo : {0} [{1}]. Please contact the administrator.", permissionTargetKey, repo);
throw new ShareException(string.Format("Permission target already exists on artifactory but not for the right repo : {0} [{1}]. Please contact the administrator.", permissionTargetKey, repo));
}
// if the permission does not exist
if (!permissionTarget.IncludesPattern.Split(',').Any(ip => ip.Trim(' ') == permissionsTargetIncludePattern))
{
log.DebugFormat("Updating already existing permission target on artifactory : {0}", permissionTargetKey);
permissionTarget.IncludesPattern += "," + permissionsTargetIncludePattern;
}
}
else
{
permissionTarget = new PermissionTarget()
{
Name = permissionTargetKey,
Repositories = new System.Collections.Generic.List <string>()
{
repo
},
IncludesPattern = permissionsTargetIncludePattern
};
}
foreach (var community in Communities)
{
string communityGroupName = string.Format("{0}-co-{1}", prefix, community.Identifier);
Permissions permissions = new Permissions();
if (addPermissions && permissionTarget.Principals.Groups.ContainsKey(communityGroupName))
{
permissions = permissionTarget.Principals.Groups[communityGroupName];
}
if (!permissions.Contains("r"))
{
permissions.Add("r");
}
permissionTarget.Principals.Groups.Remove(communityGroupName);
permissionTarget.Principals.Groups.Add(communityGroupName, permissions);
}
foreach (var user in Users)
{
Permissions permissions = new Permissions();
if (addPermissions && permissionTarget.Principals.Groups.ContainsKey(user.Username))
{
permissions = permissionTarget.Principals.Users[user.Username];
}
if (!permissions.Contains("r"))
{
permissions.Add("r");
}
permissionTarget.Principals.Users.Remove(user.Username);
permissionTarget.Principals.Users.Add(user.Username, permissions);
}
storeBaseUrl.Security().CreateOrReplacePermissionTarget(permissionTarget);
}
/// <summary>
/// Initializes a new instance of the <see cref="RequirePermissionAttribute"/> class.
/// </summary>
/// <param name="permissionType">The required permission.</param>
/// <param name="target">The required target scope.</param>
public RequirePermissionAttribute([NotNull] Type permissionType, PermissionTarget target)
{
_permissionType = permissionType;
_target = target;
}
public Permission(PermissionType type, PermissionTarget target, List <ulong> identifiers)
{
Type = type;
Target = target;
Identifiers = identifiers;
}
public PermissionsCheckPermissionPostRequest(PrincipalIn principal, string uniqueRightCode, PermissionTarget target)
{
Principal = principal;
UniqueRightCode = uniqueRightCode;
Target = target;
}
public bool Equals(PermissionTarget type) => type != null && type.Value == Value;
